Student007
commented
8 years ago Thanks @sdaitzman for this important feedback. You are absolutely right !
@johnnyman727 maybe it would be a good idea to ask for a password after sending the command. Something like this:
t2 wifi -n <network-name>
Do yo like to enter a password (y/N)
that way it would not be required to enter it on the command line.
I think we can use the same library like we use for menu (inquirer). This shouldn't add much changes because we can add this functionality at the beginning of controller.connectToNetwork similar to this:
if(!opt.password){
inquirer.prompt([
{
type: 'password',
message: 'Enter Wifi password (or just Enter)',
name: 'password'
}
]).then(function (answers) {
opts.password = JSON.stringify(answers).password;
});
}
// ...@rwaldron this solution does not work but bases on the password example of inquirer. I also tested this with controller.menu({prompt:{type: 'password',//...}}) but in that case the promise doesn't stop for the input.
(I have to stop for today - in the morning lecture period starts again :wink:)
johnnyman727
Many people do not know that all commands run in a shell like bash, zsh or fish are saved to a history that is easily accessible. I'm able to remove this log after running the wifi setup command, but many people won't know that they should. To maintain a secure network, it's important to never store passwords in cleartext like this. Running the wifi setup command
$ t2 wifi -n <network-name> -p <password>saves the wireless password in plaintext to an easily accessible file, the command history log, which is something I don't want to do.What if the command were interactive? You run
$ t2 wifiand it prompts you for the network name (or, better yet, you choose from a list with an "enter manually" option) and a network password. I'd be willing to help implement this if no one else would like to, but saving wireless passwords in command history is _NOT GOOD_.